Gabriel Schanuel gschanuel
gschanuel
/ gist:45edee446e8990de4b89b3d4d7674d40
Created
April 26, 2023 16:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| interface-name=mydomain.com,eth0 | |
| cname=*.mydomain.com,mydomain.com | |
| auth-zone=mydomain.com,eth0 | |
| auth-server=mydomain.com,eth0 | |
| interface=eth0 | |
| no-dhcp-interface=true | |
| expand-hosts |
gschanuel
/ gist:10b2e8ec14485747374ee02553d18064
Created
April 27, 2022 17:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "@timestamp": "2022-04-20T22:05:01.466Z", | |
| "@metadata": { | |
| "beat": "metricbeat", | |
| "type": "_doc", | |
| "version": "7.17.0" | |
| }, | |
| "metricset": { | |
| "name": "perfmon", | |
| "period": 10000 |
gschanuel
/ gist:65a36eb194982c604c1caed91be58b97
Created
April 27, 2022 16:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| beats { | |
| port => "5245" | |
| tags => [ "activedirectory-stats" ] | |
| } | |
| } | |
| filter { | |
| json { | |
| source => "event" | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'json' | |
| file = File.read('./event.json') | |
| event = JSON.parse(file) | |
| keys = event['windows']['perfmon']['metrics'] | |
| hash=keys.map { |key, value| | |
| key.split('_').reverse.reduce(value) { | |
| |key_value, next_key| { | |
| next_key => key_value | |
| } |
gschanuel
/ event.json
Created
April 26, 2022 19:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "@timestamp": "2022-04-20T22:05:01.466Z", | |
| "@metadata": { | |
| "beat": "metricbeat", | |
| "type": "_doc", | |
| "version": "7.17.0" | |
| }, | |
| "metricset": { | |
| "name": "perfmon", | |
| "period": 10000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'json' | |
| file = File.read('./event.json') | |
| event = JSON.parse(file) | |
| keys = event['windows']['perfmon']['metrics'] | |
| hash=keys.map { |key, value| | |
| key.split('_').reverse.reduce(value) { | |
| |key_value, next_key| { | |
| next_key => key_value | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"dra":{"inbound":{"bytes":{"compressed":{"intrasite":{"aftercomp":{"sinceboot":581310384}}}}}}} | |
| {"dra":{"inbound":{"bytes":{"compressed":{"total":{"sec":4440.169084727925}}}}}} | |
| {"dra":{"inbound":{"bytes":{"compressed":{"intrasite":{"aftercomp":{"sinceboot":581310384}}},"total":{"sec":4440.169084727925}}}}} |
gschanuel
/ gist:d2c161fb285cae88fce896ebcb3c1c21
Created
April 26, 2022 18:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "dra": { | |
| "inbound": { | |
| "bytes": { | |
| "total": { | |
| "sec": 4440.169084727925 | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'json' | |
| file = File.read('./event.json') | |
| event = JSON.parse(file) | |
| keys = event['windows']['perfmon']['metrics'] | |
| keys.each{|key,value| | |
| hash = {} | |
| if ( key =~ /_/ ) | |
| key.split('_').reduce(hash) { |h,m| h[m] = {} } | |
| puts hash.to_json | |
| end |
gschanuel
/ event.json
Created
April 25, 2022 17:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "@timestamp": "2022-04-20T22:05:01.466Z", | |
| "@metadata": { | |
| "beat": "metricbeat", | |
| "type": "_doc", | |
| "version": "7.17.0" | |
| }, | |
| "metricset": { | |
| "name": "perfmon", | |
| "period": 10000 |